DecryptedTech

Tuesday29 November 2022

False news about Olympic scandal used to spread malware


Reading time is around minutes.
top-10-computer-viruses-631

Leveraging the hype around the 2012 Olympics in London cyber criminals are pushing out malware via spam emails claiming that Gabrielle Douglas, who won a gold medal in Women's  Gymnastics All Around, will face lifetime ban from sport.  Obviously they are expecting that false news about doping scandals will help a lot in spreading the malware. The email is suggesting a link that will open up a false youtube page and prompt you to download  Adobe Flash plugin to view the content. Sophos, which first reported on this spam, detects the malware as Troj/Agent-XIK and Troj/JSRedir-IA.

Here is the body of the scam email:

Recent Olympic gold medal winner, USA Women's Gymnastics winner Gabrielle Douglas, faces a lifetime ban after reportedly testing positive to banned diuretic furosemide. With details of the case still emerging, British Olympics Committee has ordered a suspension of the athlete until final results arrive.
View the video on youtube now

"As always, remember to think twice before following links in unsolicited messages," a Sophos spokesperson stated. "And, if you really want to keep up-to-date with the latest goings-on from the London Olympics, visit an established news website for the headlines - don't trust an email that arrives in your inbox out of the blue."

[Ed- using a big event to trick people into opening attachments, clicking on links or any number of infection methods is not a new things for Malware writers. They bank on the fact that people love a scandal and our voyuristic natures. The popularity of YouTube and other social sharing sites have given many a false sense of security when it comes to links to them. Both Facebook and YouTube have been used wit this in mind. We highly recommend that people maintain up-to-date malware protection and also avoid clicking on links in emails especially when they contain such dramatic headlines. ]


Discuss this in our Forum

Last modified on Saturday, 04 August 2012 19:29

Leave a comment

Make sure you enter all the required information, indicated by an asterisk (*). HTML code is not allowed.